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(57) Abstract: The invention relates to a method for managing application security carried out with the aid of a security module 
associated with mobile equipment. The inventive method authenticates at least one application (APP) functioning in equipment (CB) 
which is connected by a network (NET) to a control server (CSE), said equipment (CB) beihg locally connected to a security module 
(SIM), said application (APP) being loaded and/or run by means of an application running environment (AEE) for the equipment 
(CB) and utilizing resources (RES) stored in the security module (SIM), comprising the following preliminary stages: receipt of data 
comprising at least one identifier (IMEISV) of the equipment (CB) and the identifier (IMSI) of the security module (SIM), via the 
network (NET), by the control server (CSE); analysis and verification by the control server (CSE) of said data; generation of a cryp- 
togram (CRY) comprising an application (APP) imprint (FINI) of data identifying the equipment (CB) and the security module (SIM) 
and instructions (INS RES) for said module; transmission of the cryptogram(CRY), via the network (NET) and equipment (CB). 
to the security module (SIM); verification of the application (APP) by comparing the imprint (FTNI) extracted fi-om the cryptogram 
(CRY) received with an imprint (FIN2) which is determined by the security module (SIM). The inventive method is characterized in 
that, during initialization and/or activation of the application (APP), the security module (SIM) cairies out the instructions (INS RES) 
extracted from the cryptogram (CRY) and releases or respectively blocks access to certain resources (RES) of said security module 
(SIM) according to the result of the verification, which is proper to said application (APP)' and which was previously carried ouL 
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En ce qui conceme les codes d. deux lettres et auzres dbrSvia- 
tions, se referer aux "Notes explicatives relatives aux codes et 
abreviations" figurant au debut de chaque numero ordinaire de 
la Gazette du PCT, 



(57) Abrege : Le but de lapresente invention estde proposer une m^thode la gestion de la securite d'appli cations mise en oeuvre avec 
un module de s^curit^ associ£ ^ un ^uipement mobile. Ce but est atteint par une m^thode d'authentification d'au moins une applica- 
tion (APP) fonctionnant dans un equipement (CB) connecte par un reseau (NET) a un serveur de controle (CSE), ledit equipement 
(CB) 6tant localement connect^ ^ un module de s6curit6 (SIM), ladite application (APP) est charg^e et/ou ex6cut6e au moyen d'un 
environnement d'execution d'applications (AEE) de I'equipemenl (CB) et utilise des ressources (RES) stock^es dans le module de 
securite (SIM), comprenant les etapes preliminaires suivantes: reception de donnees comprenant au moins Tidentifiant (IMEISV) de 
I'^uipement (CB) et I'identifiant (IMSI) du module de security (SIM), via le reseau (NET), par le serveur de controle (CSE) analyse 
et verification par le serveur de controle (CSE) desdites donnees, generation d'un cryptogramme (CRY) comprenant une empreinte 
(FINI) de I'appHcation (APP), des donnees identifiant I'equipement (CB) et le module de securite (SIM) et des instructions (INS 
RES) destinees audit module, transmission dudit cryptogramme (CRY), via le reseau (NET) et I'equipement (CB), au module de 
s£ci2rit6 (SIM), verification de I'application (APP) en comparant I'empreinte (FINI) extraite du cryptogramme (CRY) re9u avec une 
empreinte (FIN2) d6termin6e par le module de securite (SIM), ladite methode est caract6ri,s6e en ce que, lors de I'initialisation et/ou 
de I'activation de I'application (APP), le module de s^curit^ (SIM) exdcute les instructions (INS RES) extraites du cryptogramme 
(CRY) et libere, respectivement bloque I'acces ^ certaines ressources (RES) dudit module de securite (SIM) en fonction du r6sultat 
de la verification propre ^ cette application (APP) effectu^ pr^lablement 



